HellBound Hackers | Computer General | Web hacking

Author

ddos

Demons Halo
Member



Posts: 261
Location: Sweden
Joined: 26.03.09
Rank:
Apprentice
Posted on 09-12-10 07:34
Now since operation payback is going wild west style all over the net, I would like to get some info about how they do what they do.

Obviously, they are using DDOS attacks, yet as far as I know, DDOS attacks can be stopped by filtering traffic.

I am probably wrong about this, therefore I would appreciate it in case someone could provide me with some good reading material on advanced DDOS and DDOS protection?

cheers
base_dropper@hotmail.com www.demonshalo.com
Author

RE: ddos

AldarHawk
Member



Posts: 1690
Location: Canada
Joined: 26.01.06
Rank:
Hacker Level 1
Posted on 09-12-10 12:17
There are thousands of different types of attacks. DDoS is just one of them.
Yes, every type of attack CAN be stopped. However, the systems need to have the correct programming in place to stop each attempt.
The way people perform these attacks is they read up on how certain vulnerabilities work and then make a system that can execute this attack.
There are those that just look for programs that are pre-coded but we do not like to talk about these people.


Just ask Yahoo!Taboo! http://www.erikwestlake.com
Author

RE: ddos


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 09-12-10 14:55
A lot of the current members of "operation payback" are downloading LOIC and using the combined efforts to DDoS Mastercard. I'm pretty sure Mastercard has already secured itself from this certain attack.
Author

RE: ddos


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 10-12-10 02:33
"The hacker told AFP that they recruit members from everywhere including imageboards, forums, Facebook, Twitter and so on. The members then download the botnet - a collection of software used to trigger the attack by activating all the systems which have downloaded the software to attack one site."

http://timesofindia.indiatimes.com/world/us/First-world-war-in-cyberspace-over-WikiLeaks/articleshow/7074660.cms#ixzz17fjcQGSY

Voluntarily making your computer a part of a botnet? Sweet.

Owned:
http://nakedsecurity.sophos.com/2010/12/09/dutch-boy-arrested-for-wikileaks-related-ddos-attacks-on-mastercard-and-paypal/

Edited by on 10-12-10 02:40
Author

RE: ddos


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-12-10 16:30
DoS attacks are kinda script kiddie attacks... you could make a DoS attack program with batch... and all the dumb 4chan dildos are taking the credit for crashing Mastercard. Fuck 4chan. Anyway, there isn't really protection from a DoS attack, but there are some websites like Google that could not be shut down. What you do is overload the site/server with a bunch of crap, like packets of info. What you do to pull off a DoS attack is have a tit load of computers attacking a site all at the same time. And stop watching Fox News for your hacking news...
And for your articles, http://www.hellboundhackers.org/articles/index.php
this is good for articles. xD


Author

RE: ddos


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-12-10 17:29
Blackmercury wrote:
DoS attacks are kinda script kiddie attacks... you could make a DoS attack program with batch... and all the dumb 4chan dildos are taking the credit for crashing Mastercard. Fuck 4chan. Anyway, there isn't really protection from a DoS attack, but there are some websites like Google that could not be shut down. What you do is overload the site/server with a bunch of crap, like packets of info. What you do to pull off a DoS attack is have a tit load of computers attacking a site all at the same time. And stop watching Fox News for your hacking news...
And for your articles, http://www.hellboundhackers.org/articles/index.php
this is good for articles. xD


Let me elaborate.

en.wikipedia.org/wiki/Skiddie
In hacker culture, a script kiddie, or skiddie, occasionally script bunny, skid, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks.


So. If a skiddie is a person who uses other persons' scripts and code to attack a computer system or network. Then how are they a skiddie if they make a batch script themselves?

Oh, and btw. The chance of a pinging batch script taking down any -real- target. Is probably the same as you not still living with your mother.

Furthermore. The batch script you are talking about, has absolutely nothing to do with DDoS.

As to protection against DoS attacks. There is. Lots. You clearly just know nothing of what you are talking about.

So please. Please. Be quiet.
Author

RE: ddos

AldarHawk
Member



Posts: 1690
Location: Canada
Joined: 26.01.06
Rank:
Hacker Level 1
Posted on 13-12-10 17:52
hahahahahahahahahahahahahahahahahahahahahahahahahahahaha

Did I mention...hahahahahahahahahahahahahahahah?

Wow...this is a great posting Kasper!




Edited by Mr_Cheese on 13-12-10 18:35
Just ask Yahoo!Taboo! http://www.erikwestlake.com
Author

RE: ddos

Mr_Cheese




Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank:
Uber Elite
Posted on 13-12-10 18:39
depending on the size of the attack, there is no protection.

rejecting traffic still uses resources, so even if the sysadmin has configured everything to reject the traffic causing the DDoS... if there's enough, it will still potentially crash or slow down the system due to the resources used to reject the traffic. even if it doesn't reach the server, routers etc can still be targeted using the same principle.

correct me if I'm wrong.

the botnet collection used in operation payback numbers is in the 10's of thousands.... it will be interesting to see how Amazon's cloud network holds up in the pending attack(s).

Edited by Mr_Cheese on 13-12-10 18:41
http://www.hellboundhackers.org/
Author

RE: ddos

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 16-12-10 16:32
Mr_Cheese wrote:
the botnet collection used in operation payback numbers is in the 10's of thousands.... it will be interesting to see how Amazon's cloud network holds up in the pending attack(s).


I did a little coding trickery to get my own bot inside the IRC channel, and there's a lot less than 10's of thousands of clients. Much, much, less.

MoshBat wrote:
perception wrote:
All the current members of "operation payback" are downloading LOIC and using the combined efforts to DDoS whatever target appears in the IRC channel. I'm pretty sure Mastercard has already secured itself from this certain attack.


Actually, a lot of people are using alternate tools like hping.


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealth-x.com
Author

RE: ddos

GTADarkDude
Member



Posts: 142
Location: The Netherlands
Joined: 23.02.08
Rank:
Newbie
Posted on 16-12-10 19:36
stealth- wrote:
Mr_Cheese wrote:
the botnet collection used in operation payback numbers is in the 10's of thousands.... it will be interesting to see how Amazon's cloud network holds up in the pending attack(s).

I did a little coding trickery to get my own bot inside the IRC channel, and there's a lot less than 10's of thousands of clients. Much, much, less.

I read the other day that 'a few' LOIC clients would be enough to take websites offline like om.nl. (Dutch Public Prosecutor: openbaar ministerie) I also thought I read the number '5' somewhere, but I can't find that article anymore...

(I know it sounds like a ridiculously low amount, but perhaps the om.nl servers are just very crappy or the few DDoSers have had a LOT of bandwidth. Or both.)


...

Edited by GTADarkDude on 16-12-10 19:39
- - -
Author

RE: ddos

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 16-12-10 23:49
GTADarkDude wrote:
stealth- wrote:
Mr_Cheese wrote:
the botnet collection used in operation payback numbers is in the 10's of thousands.... it will be interesting to see how Amazon's cloud network holds up in the pending attack(s).

I did a little coding trickery to get my own bot inside the IRC channel, and there's a lot less than 10's of thousands of clients. Much, much, less.

I read the other day that 'a few' LOIC clients would be enough to take websites offline like om.nl. (Dutch Public Prosecutor: openbaar ministerie) I also thought I read the number '5' somewhere, but I can't find that article anymore...

(I know it sounds like a ridiculously low amount, but perhaps the om.nl servers are just very crappy or the few DDoSers have had a LOT of bandwidth. Or both.)


Well, om.nl was never an actual official target. It was up for debate, but Anonymous decided to go with Mastercard instead. If anyone was attacking om.nl, it was of their own accord, and not because of the botnet. Attacking it was up for debate because police in the Netherlands arrested a 16-year-old IRC admin from there.

Anyway, regarding Demons' original question, the LOIC software they are using has three attack methods: TCP, UDP, and HTTP. In the case of TCP and UDP, it opens a shitload of connections to the target host on various ports and spews out a message payload constantly. For HTTP, it opens a ton of web GET requests for a file named after the payload and appended with various random characters. The botnet was usually set to the TCP method.

There are also many other branches of the LOIC software, and a few rewrites. PyLOIC, JS LOIC, Java LOIC, HOIC, etc... Most of them are in development or have reduced functionality, though.

I don't know about the other LOIC software, but PyLOIC, JS LOIC, and the "stock" LOIC don't use any attempts to hide the user. Usually DDoS attackers can use IP spoofing, but LOIC didn't implement this as it enhances the ease of blocking the attacks or can be blocked by ISPs using basic egress filtering. However, the only two arrests that have been made were of that 16-year-old IRC admin and another guy who attacked the Netherlands website in retaliation.

Either way, these attacks are easy to detect, especially the HTTP ones. But Mr. Cheese is right, doing DDOS protection results in DDOS'ing the machine that's doing the protecting. The best you can do is mitigate the attacks.

Hope that helps ;)


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealth-x.com
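
The HTTP pattern described in the post above (many GETs for a file name made of a fixed string plus random characters) can be picked out of a web server access log. This is an added example, not part of the original thread: the Common Log Format input, the thresholds, the function names and the sample lines are all assumptions constructed for illustration.

```python
import os
import re
from collections import defaultdict
from datetime import datetime

LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+')

def parse(line):
    """Return (ip, timestamp, method, path) or None for an unparseable line."""
    m = LINE.match(line)
    if not m:
        return None
    ip, ts, method, path, _status = m.groups()
    return ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), method, path

def flag_flooders(lines, window=10, min_hits=20, min_stem=4, min_unique=0.9):
    """Map ip -> shared path prefix for clients that, inside `window` seconds,
    send >= min_hits GETs with nearly all-distinct paths whose file names
    begin with the same min_stem-or-longer string."""
    per_ip = defaultdict(list)
    for line in lines:
        rec = parse(line)
        if rec and rec[2] == "GET":
            per_ip[rec[0]].append((rec[1], rec[3]))
    flagged = {}
    for ip, hits in per_ip.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while (hits[end][0] - hits[start][0]).total_seconds() > window:
                start += 1                      # slide the window forward
            paths = [p for _, p in hits[start:end + 1]]
            if len(paths) < min_hits:
                continue
            prefix = os.path.commonprefix(paths)
            stem = prefix.rsplit("/", 1)[-1]    # shared part of the file name only
            if len(stem) >= min_stem and len(set(paths)) / len(paths) >= min_unique:
                flagged[ip] = prefix
                break
    return flagged

def sample_log():
    """Constructed log: one flooder, one browser fetching images, one poller."""
    out = []
    for i in range(30):
        ts = "09/Dec/2010:12:00:%02d +0000" % (i // 10)
        rnd = "%08x" % (i * 2654435761 % 2**32)  # deterministic stand-in for random text
        out.append('203.0.113.7 - - [%s] "GET /examplemsg%s HTTP/1.1" 404 0' % (ts, rnd))
        out.append('198.51.100.4 - - [%s] "GET /img/%d.png HTTP/1.1" 200 512' % (ts, i))
        out.append('192.0.2.9 - - [%s] "GET /status HTTP/1.1" 200 12' % ts)
    return out
```

The image-loading client and the poller both exceed the request threshold but are not flagged, because their paths either share only a directory or are not distinct; the thresholds still need tuning against real traffic before being used to drive blocking.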